fix(security): lock sandbox tmp media paths to openclaw roots

Peter Steinberger
2026-02-24 23:09:34 +00:00
parent bf8ca07deb
commit d3da67c7a9
13 changed files with 364 additions and 31 deletions


@@ -0,0 +1,36 @@
import { describe, expect, it } from "vitest";
import { findMessagingTmpdirCallLines } from "../../scripts/check-no-random-messaging-tmp.mjs";
describe("check-no-random-messaging-tmp", () => {
it("finds os.tmpdir calls imported from node:os", () => {
const source = `
import os from "node:os";
const dir = os.tmpdir();
`;
expect(findMessagingTmpdirCallLines(source)).toEqual([3]);
});
it("finds tmpdir named import calls from node:os", () => {
const source = `
import { tmpdir } from "node:os";
const dir = tmpdir();
`;
expect(findMessagingTmpdirCallLines(source)).toEqual([3]);
});
it("ignores mentions in comments and strings", () => {
const source = `
// os.tmpdir()
const text = "tmpdir()";
`;
expect(findMessagingTmpdirCallLines(source)).toEqual([]);
});
it("ignores tmpdir symbols that are not imported from node:os", () => {
const source = `
const tmpdir = () => "/tmp";
const dir = tmpdir();
`;
expect(findMessagingTmpdirCallLines(source)).toEqual([]);
});
});
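Review bot: The positive cases in this file pin only two import shapes, `import os from "node:os"` and `import { tmpdir } from "node:os"`, so the guard is untested for the other ways the same call can reach the codebase. The checker script is not visible on this page, so whether it already handles them is unknown. Cases worth adding are a namespace import `import * as os from "node:os"`, an aliased import `import { tmpdir as getTmp } from "node:os"`, and the bare `"os"` specifier, each expected to report the call line. Every positive case here also has exactly one hit at line 3, so a source with two calls on different lines would confirm that all of them are returned rather than only the first.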